Version Description
- 1.5.2 introduced an issue that can freeze the media library. This fixes that issue. Sorry!
Download this release
Release Info
| Developer | enshrined |
| Plugin |  Safe SVG |
| Version | 1.5.3 |
| Comparing to | |
| See all releases | |
Code changes from version 1.5.2 to 1.5.3
- readme.txt +4 -1
- safe-svg.php +40 -20
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Donate link: https://wpsvg.com/
|
|
| 4 |
Tags: svg, sanitize, upload, sanitise, security, svg upload, image, vector, file, graphic, media, mime
|
| 5 |
Requires at least: 4.0
|
| 6 |
Tested up to: 4.9.0
|
| 7 |
-
Stable tag: 1.5.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -39,6 +39,9 @@ Install through the WordPress directory or download, unzip and upload the files
|
|
| 39 |
|
| 40 |
== Changelog ==
|
| 41 |
|
|
|
|
|
|
|
|
|
|
| 42 |
= 1.5.2 =
|
| 43 |
* Tested with 4.9.0
|
| 44 |
* Fixed an issue with SVGs when regenerating media
|
| 4 |
Tags: svg, sanitize, upload, sanitise, security, svg upload, image, vector, file, graphic, media, mime
|
| 5 |
Requires at least: 4.0
|
| 6 |
Tested up to: 4.9.0
|
| 7 |
+
Stable tag: 1.5.3
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 39 |
|
| 40 |
== Changelog ==
|
| 41 |
|
| 42 |
+
= 1.5.3 =
|
| 43 |
+
* 1.5.2 introduced an issue that can freeze the media library. This fixes that issue. Sorry!
|
| 44 |
+
|
| 45 |
= 1.5.2 =
|
| 46 |
* Tested with 4.9.0
|
| 47 |
* Fixed an issue with SVGs when regenerating media
|
safe-svg.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
Plugin Name: Safe SVG
|
| 4 |
Plugin URI: https://wpsvg.com/
|
| 5 |
Description: Allows SVG uploads into WordPress and sanitizes the SVG before saving it
|
| 6 |
-
Version: 1.5.
|
| 7 |
Author: Daryll Doyle
|
| 8 |
Author URI: http://enshrined.co.uk
|
| 9 |
Text Domain: safe-svg
|
|
@@ -45,6 +45,7 @@ if ( ! class_exists( 'safe_svg' ) ) {
|
|
| 45 |
add_action( 'get_image_tag', array( $this, 'get_image_tag_override' ), 10, 6 );
|
| 46 |
add_filter( 'wp_generate_attachment_metadata', array( $this, 'skip_svg_regeneration' ), 10, 2 );
|
| 47 |
add_filter( 'plugin_action_links_' . plugin_basename( __FILE__ ), array( $this, 'add_upgrade_link' ) );
|
|
|
|
| 48 |
}
|
| 49 |
|
| 50 |
/**
|
|
@@ -101,7 +102,8 @@ if ( ! class_exists( 'safe_svg' ) ) {
|
|
| 101 |
|
| 102 |
if ( $file['type'] === 'image/svg+xml' ) {
|
| 103 |
if ( ! $this->sanitize( $file['tmp_name'] ) ) {
|
| 104 |
-
$file['error'] = __( "Sorry, this file couldn't be sanitized so for security reasons wasn't uploaded",
|
|
|
|
| 105 |
}
|
| 106 |
}
|
| 107 |
|
|
@@ -164,9 +166,9 @@ if ( ! class_exists( 'safe_svg' ) ) {
|
|
| 164 |
/**
|
| 165 |
* Filters the attachment data prepared for JavaScript to add the sizes array to the response
|
| 166 |
*
|
| 167 |
-
* @param array
|
| 168 |
* @param int|object $attachment Attachment ID or object.
|
| 169 |
-
* @param array
|
| 170 |
*
|
| 171 |
* @return array
|
| 172 |
*/
|
|
@@ -202,11 +204,11 @@ if ( ! class_exists( 'safe_svg' ) ) {
|
|
| 202 |
* Filters the image src result.
|
| 203 |
* Here we're gonna spoof the image size and set it to 100 width and height
|
| 204 |
*
|
| 205 |
-
* @param array|false
|
| 206 |
-
* @param int
|
| 207 |
-
* @param string|array $size
|
| 208 |
* (in that order). Default 'thumbnail'.
|
| 209 |
-
* @param bool
|
| 210 |
*
|
| 211 |
* @return array
|
| 212 |
*/
|
|
@@ -222,9 +224,9 @@ if ( ! class_exists( 'safe_svg' ) ) {
|
|
| 222 |
/**
|
| 223 |
* If the featured image is an SVG we wrap it in an SVG class so we can apply our CSS fix.
|
| 224 |
*
|
| 225 |
-
* @param string $content
|
| 226 |
-
* @param int
|
| 227 |
-
* @param int
|
| 228 |
*
|
| 229 |
* @return string
|
| 230 |
*/
|
|
@@ -248,12 +250,12 @@ if ( ! class_exists( 'safe_svg' ) ) {
|
|
| 248 |
/**
|
| 249 |
* Override the default height and width string on an SVG
|
| 250 |
*
|
| 251 |
-
* @param string
|
| 252 |
-
* @param int
|
| 253 |
-
* @param string
|
| 254 |
-
* @param string
|
| 255 |
-
* @param string
|
| 256 |
-
* @param string|array $size
|
| 257 |
* Default 'medium'.
|
| 258 |
*
|
| 259 |
* @return mixed
|
|
@@ -272,14 +274,14 @@ if ( ! class_exists( 'safe_svg' ) ) {
|
|
| 272 |
/**
|
| 273 |
* Skip regenerating SVGs
|
| 274 |
*
|
| 275 |
-
* @param int
|
| 276 |
-
* @param string $file
|
| 277 |
*
|
| 278 |
* @return mixed Metadata for attachment.
|
| 279 |
*/
|
| 280 |
function skip_svg_regeneration( $metadata, $attachment_id ) {
|
| 281 |
if ( 'image/svg+xml' === get_post_mime_type( $attachment_id ) ) {
|
| 282 |
-
return new WP_Error( 'skip_svg_generate', __( 'Skipping SVG file.', 'safe-svg' ) );
|
| 283 |
}
|
| 284 |
|
| 285 |
return $metadata;
|
|
@@ -300,6 +302,24 @@ if ( ! class_exists( 'safe_svg' ) ) {
|
|
| 300 |
return array_merge( $links, $mylinks );
|
| 301 |
}
|
| 302 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 303 |
}
|
| 304 |
}
|
| 305 |
|
| 3 |
Plugin Name: Safe SVG
|
| 4 |
Plugin URI: https://wpsvg.com/
|
| 5 |
Description: Allows SVG uploads into WordPress and sanitizes the SVG before saving it
|
| 6 |
+
Version: 1.5.3
|
| 7 |
Author: Daryll Doyle
|
| 8 |
Author URI: http://enshrined.co.uk
|
| 9 |
Text Domain: safe-svg
|
| 45 |
add_action( 'get_image_tag', array( $this, 'get_image_tag_override' ), 10, 6 );
|
| 46 |
add_filter( 'wp_generate_attachment_metadata', array( $this, 'skip_svg_regeneration' ), 10, 2 );
|
| 47 |
add_filter( 'plugin_action_links_' . plugin_basename( __FILE__ ), array( $this, 'add_upgrade_link' ) );
|
| 48 |
+
add_filter( 'wp_get_attachment_metadata', array( $this, 'metadata_error_fix' ), 10, 2 );
|
| 49 |
}
|
| 50 |
|
| 51 |
/**
|
| 102 |
|
| 103 |
if ( $file['type'] === 'image/svg+xml' ) {
|
| 104 |
if ( ! $this->sanitize( $file['tmp_name'] ) ) {
|
| 105 |
+
$file['error'] = __( "Sorry, this file couldn't be sanitized so for security reasons wasn't uploaded",
|
| 106 |
+
'safe-svg' );
|
| 107 |
}
|
| 108 |
}
|
| 109 |
|
| 166 |
/**
|
| 167 |
* Filters the attachment data prepared for JavaScript to add the sizes array to the response
|
| 168 |
*
|
| 169 |
+
* @param array $response Array of prepared attachment data.
|
| 170 |
* @param int|object $attachment Attachment ID or object.
|
| 171 |
+
* @param array $meta Array of attachment meta data.
|
| 172 |
*
|
| 173 |
* @return array
|
| 174 |
*/
|
| 204 |
* Filters the image src result.
|
| 205 |
* Here we're gonna spoof the image size and set it to 100 width and height
|
| 206 |
*
|
| 207 |
+
* @param array|false $image Either array with src, width & height, icon src, or false.
|
| 208 |
+
* @param int $attachment_id Image attachment ID.
|
| 209 |
+
* @param string|array $size Size of image. Image size or array of width and height values
|
| 210 |
* (in that order). Default 'thumbnail'.
|
| 211 |
+
* @param bool $icon Whether the image should be treated as an icon. Default false.
|
| 212 |
*
|
| 213 |
* @return array
|
| 214 |
*/
|
| 224 |
/**
|
| 225 |
* If the featured image is an SVG we wrap it in an SVG class so we can apply our CSS fix.
|
| 226 |
*
|
| 227 |
+
* @param string $content Admin post thumbnail HTML markup.
|
| 228 |
+
* @param int $post_id Post ID.
|
| 229 |
+
* @param int $thumbnail_id Thumbnail ID.
|
| 230 |
*
|
| 231 |
* @return string
|
| 232 |
*/
|
| 250 |
/**
|
| 251 |
* Override the default height and width string on an SVG
|
| 252 |
*
|
| 253 |
+
* @param string $html HTML content for the image.
|
| 254 |
+
* @param int $id Attachment ID.
|
| 255 |
+
* @param string $alt Alternate text.
|
| 256 |
+
* @param string $title Attachment title.
|
| 257 |
+
* @param string $align Part of the class name for aligning the image.
|
| 258 |
+
* @param string|array $size Size of image. Image size or array of width and height values (in that order).
|
| 259 |
* Default 'medium'.
|
| 260 |
*
|
| 261 |
* @return mixed
|
| 274 |
/**
|
| 275 |
* Skip regenerating SVGs
|
| 276 |
*
|
| 277 |
+
* @param int $attachment_id Attachment Id to process.
|
| 278 |
+
* @param string $file Filepath of the Attached image.
|
| 279 |
*
|
| 280 |
* @return mixed Metadata for attachment.
|
| 281 |
*/
|
| 282 |
function skip_svg_regeneration( $metadata, $attachment_id ) {
|
| 283 |
if ( 'image/svg+xml' === get_post_mime_type( $attachment_id ) ) {
|
| 284 |
+
// return new WP_Error( 'skip_svg_generate', __( 'Skipping SVG file.', 'safe-svg' ) );
|
| 285 |
}
|
| 286 |
|
| 287 |
return $metadata;
|
| 302 |
return array_merge( $links, $mylinks );
|
| 303 |
}
|
| 304 |
|
| 305 |
+
/**
|
| 306 |
+
* Filters the attachment meta data.
|
| 307 |
+
*
|
| 308 |
+
* @param array|bool $data Array of meta data for the given attachment, or false
|
| 309 |
+
* if the object does not exist.
|
| 310 |
+
* @param int $post_id Attachment ID.
|
| 311 |
+
*/
|
| 312 |
+
function metadata_error_fix( $data, $post_id ) {
|
| 313 |
+
|
| 314 |
+
// If it's a WP_Error regenerate metadata and save it
|
| 315 |
+
if ( is_wp_error( $data ) ) {
|
| 316 |
+
$data = wp_generate_attachment_metadata( $post_id, get_attached_file( $post_id ) );
|
| 317 |
+
wp_update_attachment_metadata( $post_id, $data );
|
| 318 |
+
}
|
| 319 |
+
|
| 320 |
+
return $data;
|
| 321 |
+
}
|
| 322 |
+
|
| 323 |
}
|
| 324 |
}
|
| 325 |
|
